Skill v1.0.1

ClawScan security

skill-craft · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 15, 2026, 6:40 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it is a meta-skill for creating and optimizing other skills and its instructions, included scripts, and references match that purpose.
Guidance
This skill is a coherent meta-tool for creating and optimizing other skills and appears to do what it says. Before using it: (1) inspect the bundled scripts (scripts/init_skill.py, package_skill.py, quick_validate.py) before running them, and run them in a sandbox or a non-sensitive directory, because they create files and directories and may mark scripts executable; (2) avoid running any script as root or in system directories to prevent accidental overwrites; (3) if you plan to let an agent autonomously invoke this skill, be aware it will have instructions to read and write workspace files; grant it access only to directories you trust; (4) note that quick_validate enforces a specific SKILL.md frontmatter schema (allowed keys: name, description, license, allowed-tools, metadata), which may reject other frontmatter fields used by some ecosystems. If you need higher assurance, run the scripts locally in a controlled environment first.

Review Dimensions

Purpose & Capability
ok: Name/description match the contents. The shipped Python scripts (init, package, quick_validate) and the references are appropriate for a 'skill authoring/optimization' meta-skill — they create templates, validate SKILL.md, and package skill folders, which a skill-authoring tool legitimately needs.
Instruction Scope
note: SKILL.md contains detailed runtime guidance that intentionally instructs reading/writing files, creating scripts/resources, running validation and packaging scripts, and using filesystem-based state patterns. This is expected for a skill-authoring tool, but it means the agent will be instructed to manipulate the local workspace and may execute scripts if invoked — review any generated or bundled scripts before running them.
Install Mechanism
ok: No install spec or external downloads. The skill is instruction-first and ships local Python scripts; nothing fetches arbitrary code from external URLs. This is low-risk compared with remote-download installers.
Credentials
ok: The skill declares no environment variables, no credentials, and no config paths. The capability to create files/directories and set executability (chmod) is appropriate for a tool that scaffolds and packages skills.
Persistence & Privilege
ok: always:false and normal autonomous invocation are used. The skill manipulates files within skill directories (creating templates, packaging .skill zip), but it does not request system-wide persistence or modify other skills' configs. No elevated platform privileges are asserted.